https://bugzilla.wikimedia.org/show_bug.cgi?id=47694

--- Comment #61 from Steven Walling <swall...@wikimedia.org> ---
(In reply to comment #60)
> 
> (In reply to comment #59)
> > I cannot find a _single_ good example of a login form which
> > specifies
> > an exact time limit on saved login sessions, even if cookie policies may
> > differ. This obviously supports the view that it would be unusual to present
> > this, and probably unnecessary.
> 
> As most arguments where Steven uses the word "obviously", this is IMHO a very
> weak and disputable one. Cookies are one of the least honest businesses of
> the
> internet and few or no websites are straightforward with their users about
> them
> (though this is getting better in EU thanks to recent directives): however,
> MediaWiki's ethical standards are higher than the average and we shouldn't
> blindly follow bad practices, however common they might be.
> Best example of dishonesty has always been Google (which triggered the EU
> directive):
> https://www.eff.org/deeplinks/2007/07/edition-privacy-theater-googles-cookie-
> monster
> http://edri.org/edrigramnumber5-15search-engine-privacy/
> Many users are bothered, as the number of featured browser extensions with
> hundreds thousands users show:
> https://addons.mozilla.org/it/firefox/addon/betterprivacy/
> https://addons.mozilla.org/it/firefox/addon/anonymox/
> https://addons.mozilla.org/en/firefox/addon/self-destructing-cookies/
> 

We're discussing about setting a long term login cookie for users who opt-in,
not auto-renewing cookies or any number of other scummy things in the post you
link to. Users already get to decide. We're talking about how to choose the
clearest language to describe the choice they're making. Matching user
expectations by using similar language that is familiar to them from the same
generic interface on other popular sites helps users make a decision quickly
and without needing to read excess detail like "keep me logged in for 180
days".  

No one here has actually presented a real-world complaint from users, about how
they can't use the login form because it doesn't precisely specify the length
of a login session. That's because it doesn't happen. Most users don't really
care exactly how many days you remember them when they're trying to finish the
login process quickly and without having to think much about it. They either
want their session to expire, or to be remembered. (Yes, we all use MediaWiki.
We're also all technical people commenting here, many of us people who submit
patches. We don't represent what most average users need and expect.)

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

Reply via email to